MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f94b0f80e388a334966348b28425afc527d24be0f97eaa2015c89db70275ebd5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: f94b0f80e388a334966348b28425afc527d24be0f97eaa2015c89db70275ebd5
SHA3-384 hash: 9b93e4f1502a0cd95fc51ee43b519174beb4cd39be5c0fb0848ec5f15177bd2e2f08f730e5cbd597f94a9ac4de9697d3
SHA1 hash: 7b45c21201987277d8d52205b197d735a961da7b
MD5 hash: b515b47f39a3be43726f3bc60e709e07
humanhash: september-shade-georgia-sad
File name:dlr.m68k
Download: download sample
Signature Mirai
Create hunting rule
File size:1'364 bytes
First seen:2026-01-15 04:32:14 UTC
Last seen:2026-01-15 09:40:13 UTC
File type: elf
MIME type:application/x-executable
ssdeep 24:3/PAa8DzSWPpbP78Pwy74+CiCTHnhHCJtD8ECAfGrioxn2hgFmFmFmF8NoX1sax:XApP3hb/mkTnhiJt8DAfPZhgUUUiNsbx
TLSH T1A021CE0DF7595E4FD9A710B8196B06263420BE5AF8134412B3359D7F6E3B1D4171A28E
TrID 50.1% (.) ELF Executable and Linkable format (Linux) (4022/12)
49.8% (.O) ELF Executable and Linkable format (generic) (4000/1)
Magika elf
Reporter abuse_ch
Tags:elf mirai

Intelligence

File Origin
# of uploads :
4
# of downloads :
127
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Detection(s):
SecuriteInfo.com.Linux.DownLoader.368.8814.8735.UNOFFICIAL
Create hunting rule

Verdict:
Unknown
Threat level:
  0/10
Confidence:
100%
Tags:
gcc masquerade
Link:
https://www.filescan.io/uploads/69686dda3827c9e1249ef403/reports/b810aff7-0603-4a5a-b54f-f6c11c77fe1b/overview
Verdict:
Malicious
File Type:
elf.32.be
First seen:
2026-01-15T01:52:00Z UTC
Last seen:
2026-01-15T12:48:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/f94b0f80e388a334966348b28425afc527d24be0f97eaa2015c89db70275ebd5/results?tab=lookup
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/301036c5-3c52-4052-9e7a-495a2ad272af
Behavior Graph:
Download SVG
%3 guuid=ab371346-1900-0000-96ab-f2cceb080000 pid=2283 /usr/bin/sudo guuid=bda2c747-1900-0000-96ab-f2ccf1080000 pid=2289 /tmp/sample.bin guuid=ab371346-1900-0000-96ab-f2cceb080000 pid=2283->guuid=bda2c747-1900-0000-96ab-f2ccf1080000 pid=2289 execve
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/b93e97e8-3d1a-4a41-add8-32f57af56c50
Result
Threat name:
n/a
Detection:
malicious
Classification:
n/a
Score:
48 / 100
Link:
https://www.joesandbox.com/analysis/1851047
Signature
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Download SVG
Score:
100%
Verdict:
Malware
File Type:
ELF
Link:
https://malprob.io/report/f94b0f80e388a334966348b28425afc527d24be0f97eaa2015c89db70275ebd5
Detection:
mirai
Create hunting rule
Link:
https://mwdb.cert.pl/sample/f94b0f80e388a334966348b28425afc527d24be0f97eaa2015c89db70275ebd5/
Threat name:
Linux.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2026-01-15 04:32:23 UTC
File Type:
ELF32 Big (Exe)
AV detection:
11 of 24 (45.83%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=7ffq7ahdrcrtjftdjcziijnpyut5es7a7f7kuiavzco3oatv5pkq._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Link:
https://tria.ge/reports/260115-e54vlabw9h/
Verdict:
Unknown
Tags:
n/a
YARA:
n/a
Link:
https://app.threat.zone/submission/0fec0d1d-3e61-4c56-925b-567c39c1e02e
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/f94b0f80e388a334966348b28425afc527d24be0f97eaa2015c89db70275ebd5

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf f94b0f80e388a334966348b28425afc527d24be0f97eaa2015c89db70275ebd5

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3758213/
  
Delivery method
Distributed via web download

Comments